nativeAuth with PAM guide - openfire 3.6.3

Disclaimer: This assumes you use the default install directories, this assumes you have general UNIX knowledge, this also assumes you are using version openfire 3.6.3. This guide may fail in the next release but hey I got you this far didn’t I:)

Getting Started

  1. In the admin interface after initial configuration

Server -> Server Manager -> System Properties

  1. Set provider.auth.className to

org.jivesoftware.openfire.auth.NativeAuthProvider

  1. Set provider.user.className to

org.jivesoftware.openfire.user.NativeUserProvider

  1. Set nativeAuth.domain to

openfire

  1. Set admin.authorizedJIDs to

localuser@xmpp.domain

WHERE localuser is a local user on the unix system you want to have admin access and WHERE the xmpp.domain variable is set in the system properties

  1. cp -Rp /opt/openfire/resources/nativeAuth/linux-i386/libshaj.so /opt/openfire/lib

  2. mkdir shaj && cd shaj

  3. wget http://opensource.cenqua.com/shaj/download/shaj-0.5.zip

  4. unzip shaj-0.5.zip

  5. mv shaj-0.5.jar /opt/openfire/lib

  6. cp -Rp /etc/pam.d/system-auth /etc/pam.d/openfire

  7. edit /etc/sysconfig/openfire and set

OPENFIRE_USER=“root”

  1. Restart Openfire

Some debug information

edit /opt/openfire/conf/openfire.xml

Change

false

to true

restart openfire

tail -f /opt/openfire/logs/{warn,error,debug}.log

For Postgres debugging

select * from public.ofproperty;

update public.ofproperty set propvalue=‘user@xmpp.domain’ where name=‘admin.authorizedJIDs’;

Restart openfire after you make any database changes!

64-bit support - You will need pam-devel installed for this to work

  1. mkdir shaj-src && cd shaj-src

  2. wget http://opensource.cenqua.com/shaj/download/shaj-0.5-src.zip

  3. unzip shaj-0.5-src.zip

  4. cd src/c/

  5. make

  6. cp libshaj.so /opt/openfire/lib